package com.hxc.sercurity.express;

/**
 * @author 韩先楚
 */

import com.hxc.sercurity.configu.projo.User;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

/**
 * 自定义授权表达式    @PreAuthorize("hasAnyAuthority( 'user')")
 */
@Component("ex")
public class AuthExpress {

    public Boolean hasAuthority(String auth)
    {
        //获取用户的权限集合
        User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        String role = user.getRole();
        if (role==null)
            return false;

        if (role.equals(auth))
            return true;

        return false;
    }
}
